Skip to main content

Malicious actors deploying Gootkit Loader on Australian Networks

ACSC has observed an increase of Gootkit JavaScript (JS) Loaders on Australian networks.

Alert status

Background/ What has happened?

The ACSC has received an increase in reporting of malicious actors targeting Australian networks with Gootkit JavaScript (JS) Loaders. Gootkit JS Loaders are a precursor to several malware families traditionally used for cybercrime, notably, Gootkit, REvil ransomware, Kronos, or CobaltStrike.

How do I stay secure?

The ACSC has published an advisory about the risks, impacts and preventative actions associated with Gootkit JS Loaders.

Assistance / Where can I go for help?

The ACSC is monitoring the situation and is able to provide assistance and advice as required.

Organisations that have observed similar behaviour, been impacted or require assistance can contact the ACSC via 1300 CYBER1 (1300 292 371). 

Was this information helpful?
Was this information helpful?

Thanks for your feedback!


Tell us why this information was helpful and we’ll work on making more pages like it